This page was not yet optimized for use on mobile devices.
CONEXA 3.0, Version 1.6
CSV information ?
| Status | active |
|---|---|
| Valid from | 06.02.2025 |
| Valid until | 05.02.2033 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Theben Smart Energy GmbH |
| Category | Other Devices and Systems |
| Security level | ALC_FLR.2, AVA_VAN.5, EAL4+ |
| Protection profiles |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-0918-V7-2025
Certificate ?
Extracted keywords
Symmetric Algorithms
AES, HMAC, CMACAsymmetric Algorithms
ECC, Diffie-HellmanHash functions
SHA256, SHA-256, SHA-384, SHA-512Schemes
MAC, Key Exchange, Key agreementProtocols
SSH, TLS 1.2, TLS, IKEv2, IPsecElliptic Curves
secp256r1, secp384r1Block cipher modes
CBC, GCMSecurity level
EAL 4, EAL 5, EAL 2, EAL 1, EAL 5+, EAL 6, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLR, ALC_CMS.4, AVA_VAN.5Protection profiles
BSI-CC-PP-0073-2014Certificates
BSI-DSZ-CC-0918-V7-2025, BSI-DSZ-CC-0918-V6-2024Evaluation facilities
TĂśV InformationstechnikCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Technical Report, Version 2, 2025-01-29, ETR Summary – CONEXA 1.6, TÜV Informationstechnik GmbH, (confidential document) [8] Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, 4 Konfigurationsliste Smart Meter Gateway CONEXA 3.0, Version 1.1, Theben Smart Energy GmbH (confidential document) [10] Configuration list for the TOE SW, “ASSURANCE LIFE CYCLE – CONFIGURATION MANAGEMENT” DER, 3.0 (ALC_CMS.4), Version 3.85.0-cc, Theben Smart Energy GmbH (confidential document) [11] Handbuch CONEXA 3.0 für Gateway Administrator, Version 2.13.3, 2024-11-25, Theben Smart, Report – Smart Meter Gateway CONEXA, Version 3.01.1, 2025-01- 20, Theben Smart Energy GmbH (confidential document) [21] BSI. Anforderungskatalog zur MSB-Lieferkette, in der aktuell gültigen Fassung. URLStandards
FIPS 197, FIPS 180-4, AIS 34, AIS 46, AIS 48, AIS 32, AIS 38, RFC 5246, RFC 4493, RFC 5289, RFC 2104, RFC 5639, RFC 5114, RFC 3394, RFC 5084, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065Technical reports
BSI TR-02102, BSI TR-03109-1, BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-0918-V7-2025 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025 |
| Keywords | "Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025" |
| Author | Federal Office for Information Security |
| Pages | 25 |
Certification report ?
Extracted keywords
Symmetric Algorithms
AES, HMAC, CMACAsymmetric Algorithms
ECC, Diffie-HellmanHash functions
SHA256, SHA-256, SHA-384, SHA-512Schemes
MAC, Key Exchange, Key agreementProtocols
SSH, TLS 1.2, TLS, IKEv2, IPsecElliptic Curves
secp256r1, secp384r1Block cipher modes
CBC, GCMSecurity level
EAL 4, EAL 5, EAL 2, EAL 1, EAL 5+, EAL 6, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLR, ALC_CMS.4, AVA_VAN.5Protection profiles
BSI-CC-PP-0073-2014Certificates
BSI-DSZ-CC-0918-V7-2025, BSI-DSZ-CC-0918-V6-2024Evaluation facilities
TĂśV InformationstechnikCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Technical Report, Version 2, 2025-01-29, ETR Summary – CONEXA 1.6, TÜV Informationstechnik GmbH, (confidential document) [8] Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, 4 Konfigurationsliste Smart Meter Gateway CONEXA 3.0, Version 1.1, Theben Smart Energy GmbH (confidential document) [10] Configuration list for the TOE SW, “ASSURANCE LIFE CYCLE – CONFIGURATION MANAGEMENT” DER, 3.0 (ALC_CMS.4), Version 3.85.0-cc, Theben Smart Energy GmbH (confidential document) [11] Handbuch CONEXA 3.0 für Gateway Administrator, Version 2.13.3, 2024-11-25, Theben Smart, Report – Smart Meter Gateway CONEXA, Version 3.01.1, 2025-01- 20, Theben Smart Energy GmbH (confidential document) [21] BSI. Anforderungskatalog zur MSB-Lieferkette, in der aktuell gültigen Fassung. URLStandards
FIPS 197, FIPS 180-4, AIS 34, AIS 46, AIS 48, AIS 32, AIS 38, RFC 5246, RFC 4493, RFC 5289, RFC 2104, RFC 5639, RFC 5114, RFC 3394, RFC 5084, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065Technical reports
BSI TR-02102, BSI TR-03109-1, BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-0918-V7-2025 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025 |
| Keywords | "Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025" |
| Author | Federal Office for Information Security |
| Pages | 25 |
Frontpage
| Certificate ID | BSI-DSZ-CC-0918-V7-2025 |
|---|---|
| Certified item | CONEXA 3.0 Version 1.6 |
| Certification lab | BSI |
| Developer | Theben Smart Energy GmbH |
References
Outgoing- BSI-DSZ-CC-0918-V6-2024 - active - CONEXA 3.0, SW: v3.80.0-cc, HW V01.00 & V01.01
Security target ?
Extracted keywords
Symmetric Algorithms
AESAsymmetric Algorithms
ECDSA, ECC, Diffie-HellmanHash functions
SHA-256, SHA-384Schemes
MACProtocols
TLS, TLS 1.2Randomness
PRNG, RNGElliptic Curves
P-256, P-384, NIST P-256, NIST P-384, secp256r1, secp384r1Block cipher modes
GCMTLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384Security level
EAL 4, EAL4, EAL 4 augmented, EAL4 augmentedClaims
OE.SM, OSP.SMSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_IMP.1, ADV_FSP.4, AGD_OPE.1, ALC_DEL.1, ALC_FLR.2, ALC_CMC.4, ALC_LCD.1, ATE_COV.2, ATE_FUN.1, AVA_VAN.5, ASE_CCL.1, ASE_INT.1, ASE_REQ.2, ASE_TSS.1Security Functional Requirements (SFR)
FAU_ARP, FAU_GEN, FAU_SAA, FAU_SAR, FAU_STG, FAU_GEN.2, FAU_STG.2, FAU_ARP.1, FAU_SAA.1, FAU_GEN.1, FAU_SAR.1, FAU_STG.4, FAU_STG.3, FAU_STG.1, FAU_GEN.2.1, FAU_STG.2.1, FAU_STG.2.2, FAU_STG.2.3, FCO_NRO, FCO_NRO.2, FCO_NRO.2.1, FCO_NRO.2.2, FCO_NRO.2.3, FCO_NRO.1, FCS_CKM, FCS_COP, FCS_CKM.4, FCS_CKM.1, FCS_CKM.2, FCS_COP.1, FCS_COP.1.1, FCS_CKM.4.1, FDP_IFC, FDP_ACC.2, FDP_ACF.1, FDP_IFF, FDP_RIP.2, FDP_SDI.2, FDP_ITC.1, FDP_ITC.2, FDP_ACC, FDP_ACC.2.1, FDP_ACC.2.2, FDP_ACC.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.2, FDP_IFC.1, FDP_IFF.1, FDP_IFF.1.3, FDP_RIP, FDP_RIP.2.1, FDP_RIP.1, FDP_SDI, FDP_SDI.2.1, FDP_SDI.2.2, FDP_SDI.1, FIA_ATD, FIA_AFL, FIA_UAU, FIA_UID, FIA_USB, FIA_ATD.1, FIA_AFL.1, FIA_UAU.2, FIA_UAU.5, FIA_UAU.6, FIA_UID.2, FIA_USB.1, FIA_UID.1, FIA_ATD.1.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_UAU.1, FIA_UAU.2.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6.1, FIA_UID.2.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FMT_SMR, FMT_MOF.1, FMT_SMF.1, FMT_SMR.1, FMT_MSA, FMT_MSA.3, FMT_MOF, FMT_MOF.1.1, FMT_SMF, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MSA.1, FPR_CON, FPR_CON.1, FPR_PSE, FPR_CON.1.2, FPR_CON.1.1, FPR_PSE.1, FPR_PSE.1.1, FPR_PSE.1.2, FPR_PSE.1.3, FPT_FLS, FPT_RPL, FPT_STM, FPT_TST, FPT_PHP, FPT_FLS.1, FPT_RPL.1, FPT_STM.1, FPT_TST.1, FPT_PHP.1, FPT_FLS.1.1, FPT_RPL.1.1, FPT_RPL.1.2, FPT_STM.1.1, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FPT_PHP.1.1, FPT_PHP.1.2, FTP_ITC, FTP_ITC.1Protection profiles
BSI-CC-PP-0077, BSI-CC-PP-0073Certificates
BSI-DSZ-CC-0918-V7-2024, BSI-DSZ-CC-0957-V2-2016Evaluation facilities
T-Systems InternationalSide-channel analysis
physical tampering, malfunctionStandards
FIPS 180-4, FIPS 197, FIPS 140-2, RFC 5289, RFC 5246, RFC 2104, RFC 4493, RFC 5084, RFC 5905, RFC 2616, RFC 5114, RFC 5639, RFC 3394, RFC5246Technical reports
BSI TR-03109, BSI TR-03109-1File metadata
| Title | Security Target v1.97.3 - CONEXA 3.0 |
|---|---|
| Subject | Security Target |
| Author | Theben Smart Energy GmbH |
| Pages | 132 |
References
Outgoing- BSI-DSZ-CC-0957-V2-2016 - active - TCOS Smart Meter Security Module Version 1.0 Release 1/P60C144PVA
Heuristics ?
Certificate ID: BSI-DSZ-CC-0918-V7-2025
Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, AGD_OPE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_FLR.2, ALC_LCD.1, ASE_CCL.1, ASE_INT.1, ASE_REQ.2, ASE_TSS.1, ATE_COV.2, ATE_FUN.1, AVA_VAN.5Similar certificates
Scheme data ?
| Cert Id | BSI-DSZ-CC-0918-V7-2025 | |
|---|---|---|
| Product | CONEXA 3.0, Version 1.6 | |
| Vendor | Theben Smart Energy GmbH (vormals: Theben AG) | |
| Certification Date | 06.02.2025 | |
| Category | Intelligent measuring systems | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartMeter_Gateway/0918.html | |
| Enhanced | ||
| Product | CONEXA 3.0, Version 1.6 | |
| Applicant | Theben Smart Energy GmbH (vormals: Theben AG) Schlossfeld 10 72401 Haigerloch | |
| Evaluation Facility | TĂśV Informationstechnik GmbH | |
| Assurance Level | EAL4+,ALC_FLR.2,AVA_VAN.5 | |
| Protection Profile | Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, BSI-CC-PP-0073-2014 | |
| Certification Date | 06.02.2025 | |
| Expiration Date | 05.02.2033 | |
| Entries | [frozendict({'id': 'BSI-DSZ-CC-0918-V7-2025 (Ausstellungsdatum / Certification Date 06.02.2025, gültig bis / valid until 05.02.2033)', 'description': 'The Target of Evaluation (TOE) presented in this document is called "Smart Meter Gateway", “SMGW” or “Gateway” and uniquely identified as CONEXA 3.0 (CC), Version 1.6. It is the communication unit used within such an intelligent metering system and represented by the product CONEXA 3.0 except for the integrated Security Module. Besides data processing, Smart Meter Gateway offers possibility to generate tariff rates in order to enable network operators and consumers to control energy consumption in an intelligent way. The following changes on the evaluated product have been in the focus of this re-evaluation procedure: Adjustment in assignment of counter register to measured value list, optimization GWA change process, compression of data at the WAN interface, documentation adaptions, implementation of the MPO delivery method, further changes and bugfixes, kernel update and editorial changes.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V6-2024-MA-03', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V6-2024-MA-02', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V6-2024-MA-01', 'description': 'The maintenance consists of a bug fix that was necessary to eliminate problems with connection interruptions both when tariffing with compact profiles and during network Management.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V6-2024 (Ausstellungsdatum / Certification Date 08.02.2024, gültig bis / valid until 07.02.2032)', 'description': ', some software adjustments and adjustment of kernel-hardening. And last but not least the boot process was improved, some further adjustments with impact on documentation and editorial changes were made.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V5-2023-MA-02', 'description': 'The change to the certified product is at the level of vendor’s renaming.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V5-2023-MA-01', 'description': 'The description of the secure delivery procedure was extended due to adding an alternative delivery procedure (cardbox delivery).'}), frozendict({'id': 'BSI-DSZ-CC-0918-V5-2023 (Ausstellungsdatum / Certification Date 11.05.2023, gültig bis / valid until 10.05.2031)', 'description': 'The focus of this re-evaluation was on certification obligations following BSI-K-TR-0507-2022, mobile phone signal validation without tools, adaption reaction of >36h no time synchronization and some further small changes, adjustments and updates.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V4-2022-MA-03'}), frozendict({'id': 'BSI-DSZ-CC-0918-V4-2022-MA-02', 'description': 'The assembly space for the Fakra socket was adapted.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V4-2022-MA-01', 'description': 'The order of the configuration parameters regarding the LTE module were corrected.'}), frozendict({'id': 'BSI-DSZ-CC-0918-V4-2022 (Ausstellungsdatum / Certification Date 08.03.2022, gültig bis / valid until 07.03.2030)', 'description': 'Certificate'}), frozendict({'id': 'BSI-DSZ-CC-0918-V3-2022 (Ausstellungsdatum / Certification Date 24.01.2022, gültig bis / valid until 23.01.2030)', 'description': 'Certificate'}), frozendict({'id': 'BSI-DSZ-CC-0918-V2-2021 (Ausstellungsdatum / Certification Date 01.07.2021, gültig bis / valid until 30.06.2029)', 'description': '), Version 1.1 was enhanced due to the new tariff use cases (TAF) 9, 10 and 14. Further optimizations and some minor bugfixing were also performed.'}), frozendict({'id': 'BSI-DSZ-CC-0918-2020-MA-01', 'description': 'alive values. Therefore the version number changed for the Software from v3.33.0-cc to v3.33.3-cc.'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7a_pdf.pdf?__blob=publicationFile&v=2 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7b_pdf.pdf?__blob=publicationFile&v=2 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7c_pdf.pdf?__blob=publicationFile&v=2 | |
| Description | The Target of Evaluation (TOE) is the Smart Meter Gateway (SMGW) CONEXA 3.0, Version 1.0. The Smart Meter Gateway is the communication unit in a smart metering system. The main functionality of the gateway is the reception and the storage of measured consumption and status values of the connected meters as well as the processing and the transfer of these consumption and status values to authorized entities. | |
| Subcategory | (Smart Meter Gateway) | |
References ?
Updates ?
-
10.03.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'cert_id': 'BSI-DSZ-CC-0918-V7-2025', 'product': 'CONEXA 3.0, Version 1.6', 'vendor': 'Theben Smart Energy GmbH (vormals: Theben AG)', 'certification_date': '2025-02-06', 'category': 'Intelligent measuring systems', 'url': 'https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartMeter_Gateway/0918.html', 'enhanced': {'product': 'CONEXA 3.0, Version 1.6', 'applicant': 'Theben Smart Energy GmbH (vormals: Theben AG) Schlossfeld 10 72401 Haigerloch', 'evaluation_facility': 'TÜV Informationstechnik GmbH', 'assurance_level': 'EAL4+,ALC_FLR.2,AVA_VAN.5', 'protection_profile': 'Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, BSI-CC-PP-0073-2014', 'certification_date': '2025-02-06', 'expiration_date': '2033-02-05', 'entries': [{'id': 'BSI-DSZ-CC-0918-V7-2025 (Ausstellungsdatum / Certification Date 06.02.2025, gültig bis / valid until 05.02.2033)', 'description': 'The Target of Evaluation (TOE) presented in this document is called "Smart Meter Gateway", “SMGW” or “Gateway” and uniquely identified as CONEXA 3.0 (CC), Version 1.6. It is the communication unit used within such an intelligent metering system and represented by the product CONEXA 3.0 except for the integrated Security Module. Besides data processing, Smart Meter Gateway offers possibility to generate tariff rates in order to enable network operators and consumers to control energy consumption in an intelligent way. The following changes on the evaluated product have been in the focus of this re-evaluation procedure: Adjustment in assignment of counter register to measured value list, optimization GWA change process, compression of data at the WAN interface, documentation adaptions, implementation of the MPO delivery method, further changes and bugfixes, kernel update and editorial changes.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-03', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-02', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-01', 'description': 'The maintenance consists of a bug fix that was necessary to eliminate problems with connection interruptions both when tariffing with compact profiles and during network Management.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024 (Ausstellungsdatum / Certification Date 08.02.2024, gültig bis / valid until 07.02.2032)', 'description': ', some software adjustments and adjustment of kernel-hardening. And last but not least the boot process was improved, some further adjustments with impact on documentation and editorial changes were made.'}, {'id': 'BSI-DSZ-CC-0918-V5-2023-MA-02', 'description': 'The change to the certified product is at the level of vendor’s renaming.'}, {'id': 'BSI-DSZ-CC-0918-V5-2023-MA-01', 'description': 'The description of the secure delivery procedure was extended due to adding an alternative delivery procedure (cardbox delivery).'}, {'id': 'BSI-DSZ-CC-0918-V5-2023 (Ausstellungsdatum / Certification Date 11.05.2023, gültig bis / valid until 10.05.2031)', 'description': 'The focus of this re-evaluation was on certification obligations following BSI-K-TR-0507-2022, mobile phone signal validation without tools, adaption reaction of >36h no time synchronization and some further small changes, adjustments and updates.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-03'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-02', 'description': 'The assembly space for the Fakra socket was adapted.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-01', 'description': 'The order of the configuration parameters regarding the LTE module were corrected.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022 (Ausstellungsdatum / Certification Date 08.03.2022, gültig bis / valid until 07.03.2030)', 'description': 'Certificate'}, {'id': 'BSI-DSZ-CC-0918-V3-2022 (Ausstellungsdatum / Certification Date 24.01.2022, gültig bis / valid until 23.01.2030)', 'description': 'Certificate'}, {'id': 'BSI-DSZ-CC-0918-V2-2021 (Ausstellungsdatum / Certification Date 01.07.2021, gültig bis / valid until 30.06.2029)', 'description': '), Version 1.1 was enhanced due to the new tariff use cases (TAF) 9, 10 and 14. Further optimizations and some minor bugfixing were also performed.'}, {'id': 'BSI-DSZ-CC-0918-2020-MA-01', 'description': 'alive values. Therefore the version number changed for the Software from v3.33.0-cc to v3.33.3-cc.'}], 'report_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7a_pdf.pdf?__blob=publicationFile&v=2', 'target_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7b_pdf.pdf?__blob=publicationFile&v=2', 'cert_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7c_pdf.pdf?__blob=publicationFile&v=2', 'description': 'The Target of Evaluation (TOE) is the Smart Meter Gateway (SMGW) CONEXA 3.0, Version 1.0. The Smart Meter Gateway is the communication unit in a smart metering system. The main functionality of the gateway is the reception and the storage of measured consumption and status values of the connected meters as well as the processing and the transfer of these consumption and status values to authorized entities.'}, 'subcategory': '(Smart Meter Gateway)'}.
- The scheme_data property was set to
-
03.03.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None.
- The scheme_data property was set to
-
24.02.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'cert_id': 'BSI-DSZ-CC-0918-V7-2025', 'product': 'CONEXA 3.0, Version 1.6', 'vendor': 'Theben Smart Energy GmbH (vormals: Theben AG)', 'certification_date': '2025-02-06', 'category': 'Intelligent measuring systems', 'url': 'https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartMeter_Gateway/0918.html', 'enhanced': {'product': 'CONEXA 3.0, Version 1.6', 'applicant': 'Theben Smart Energy GmbH (vormals: Theben AG) Schlossfeld 10 72401 Haigerloch', 'evaluation_facility': 'TÜV Informationstechnik GmbH', 'assurance_level': 'EAL4+,ALC_FLR.2,AVA_VAN.5', 'protection_profile': 'Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, BSI-CC-PP-0073-2014', 'certification_date': '2025-02-06', 'expiration_date': '2033-02-05', 'entries': [{'id': 'BSI-DSZ-CC-0918-V7-2025 (Ausstellungsdatum / Certification Date 06.02.2025, gültig bis / valid until 05.02.2033)', 'description': 'The Target of Evaluation (TOE) presented in this document is called "Smart Meter Gateway", “SMGW” or “Gateway” and uniquely identified as CONEXA 3.0 (CC), Version 1.6. It is the communication unit used within such an intelligent metering system and represented by the product CONEXA 3.0 except for the integrated Security Module. Besides data processing, Smart Meter Gateway offers possibility to generate tariff rates in order to enable network operators and consumers to control energy consumption in an intelligent way. The following changes on the evaluated product have been in the focus of this re-evaluation procedure: Adjustment in assignment of counter register to measured value list, optimization GWA change process, compression of data at the WAN interface, documentation adaptions, implementation of the MPO delivery method, further changes and bugfixes, kernel update and editorial changes.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-03', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-02', 'description': 'The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024-MA-01', 'description': 'The maintenance consists of a bug fix that was necessary to eliminate problems with connection interruptions both when tariffing with compact profiles and during network Management.'}, {'id': 'BSI-DSZ-CC-0918-V6-2024 (Ausstellungsdatum / Certification Date 08.02.2024, gültig bis / valid until 07.02.2032)', 'description': ', some software adjustments and adjustment of kernel-hardening. And last but not least the boot process was improved, some further adjustments with impact on documentation and editorial changes were made.'}, {'id': 'BSI-DSZ-CC-0918-V5-2023-MA-02', 'description': 'The change to the certified product is at the level of vendor’s renaming.'}, {'id': 'BSI-DSZ-CC-0918-V5-2023-MA-01', 'description': 'The description of the secure delivery procedure was extended due to adding an alternative delivery procedure (cardbox delivery).'}, {'id': 'BSI-DSZ-CC-0918-V5-2023 (Ausstellungsdatum / Certification Date 11.05.2023, gültig bis / valid until 10.05.2031)', 'description': 'The focus of this re-evaluation was on certification obligations following BSI-K-TR-0507-2022, mobile phone signal validation without tools, adaption reaction of >36h no time synchronization and some further small changes, adjustments and updates.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-03'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-02', 'description': 'The assembly space for the Fakra socket was adapted.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022-MA-01', 'description': 'The order of the configuration parameters regarding the LTE module were corrected.'}, {'id': 'BSI-DSZ-CC-0918-V4-2022 (Ausstellungsdatum / Certification Date 08.03.2022, gültig bis / valid until 07.03.2030)', 'description': 'Certificate'}, {'id': 'BSI-DSZ-CC-0918-V3-2022 (Ausstellungsdatum / Certification Date 24.01.2022, gültig bis / valid until 23.01.2030)', 'description': 'Certificate'}, {'id': 'BSI-DSZ-CC-0918-V2-2021 (Ausstellungsdatum / Certification Date 01.07.2021, gültig bis / valid until 30.06.2029)', 'description': '), Version 1.1 was enhanced due to the new tariff use cases (TAF) 9, 10 and 14. Further optimizations and some minor bugfixing were also performed.'}, {'id': 'BSI-DSZ-CC-0918-2020-MA-01', 'description': 'alive values. Therefore the version number changed for the Software from v3.33.0-cc to v3.33.3-cc.'}], 'report_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7a_pdf.pdf?__blob=publicationFile&v=2', 'target_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7b_pdf.pdf?__blob=publicationFile&v=2', 'cert_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7c_pdf.pdf?__blob=publicationFile&v=2', 'description': 'The Target of Evaluation (TOE) is the Smart Meter Gateway (SMGW) CONEXA 3.0, Version 1.0. The Smart Meter Gateway is the communication unit in a smart metering system. The main functionality of the gateway is the reception and the storage of measured consumption and status values of the connected meters as well as the processing and the transfer of these consumption and status values to authorized entities.'}, 'subcategory': '(Smart Meter Gateway)'}.
- The scheme_data property was set to
-
17.02.2025 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name CONEXA 3.0, Version 1.6 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0918V7c_pdf.pdf",
"dgst": "6ac2705bebbf0953",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0918-V7-2025",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL4+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"3.0",
"1.6"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"989546572bfeab5c"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0918-V6-2024"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0918-V6-2024",
"BSI-DSZ-CC-0918-2020",
"BSI-DSZ-CC-0978-2016",
"BSI-DSZ-CC-0957-V2-2016",
"BSI-DSZ-CC-0918-V2-2021",
"BSI-DSZ-CC-0666-2012",
"BSI-DSZ-CC-0918-V3-2022",
"BSI-DSZ-CC-0957-2015",
"BSI-DSZ-CC-0918-V5-2023",
"BSI-DSZ-CC-0918-V4-2022",
"BSI-DSZ-CC-0845-2012",
"BSI-DSZ-CC-0845-V2-2013"
]
}
},
"scheme_data": {
"category": "Intelligent measuring systems",
"cert_id": "BSI-DSZ-CC-0918-V7-2025",
"certification_date": "2025-02-06",
"enhanced": {
"applicant": "Theben Smart Energy GmbH (vormals: Theben AG) Schlossfeld 10 72401 Haigerloch",
"assurance_level": "EAL4+,ALC_FLR.2,AVA_VAN.5",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7c_pdf.pdf?__blob=publicationFile\u0026v=2",
"certification_date": "2025-02-06",
"description": "The Target of Evaluation (TOE) is the Smart Meter Gateway (SMGW) CONEXA 3.0, Version 1.0. The Smart Meter Gateway is the communication unit in a smart metering system. The main functionality of the gateway is the reception and the storage of measured consumption and status values of the connected meters as well as the processing and the transfer of these consumption and status values to authorized entities.",
"entries": [
{
"description": "The Target of Evaluation (TOE) presented in this document is called \"Smart Meter Gateway\", \u201cSMGW\u201d or \u201cGateway\u201d and uniquely identified as CONEXA 3.0 (CC), Version 1.6. It is the communication unit used within such an intelligent metering system and represented by the product CONEXA 3.0 except for the integrated Security Module. Besides data processing, Smart Meter Gateway offers possibility to generate tariff rates in order to enable network operators and consumers to control energy consumption in an intelligent way. The following changes on the evaluated product have been in the focus of this re-evaluation procedure: Adjustment in assignment of counter register to measured value list, optimization GWA change process, compression of data at the WAN interface, documentation adaptions, implementation of the MPO delivery method, further changes and bugfixes, kernel update and editorial changes.",
"id": "BSI-DSZ-CC-0918-V7-2025 (Ausstellungsdatum / Certification Date 06.02.2025, g\u00fcltig bis / valid until 05.02.2033)"
},
{
"description": "The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.",
"id": "BSI-DSZ-CC-0918-V6-2024-MA-03"
},
{
"description": "The changes are related to an update of the user guidance and to the certified scope of the delivery procedures. For the certified scope of the delivery procedures, the assurance component ALC_DEL.1 (ALC_DEL.1.1D, ALC_DEL.1.1C) has been refined in the ST to only cover the delivery of the TOE from the manufacturer to the MPO (metering point operator), who is the customer of the developer and the recipient of the TOE.",
"id": "BSI-DSZ-CC-0918-V6-2024-MA-02"
},
{
"description": "The maintenance consists of a bug fix that was necessary to eliminate problems with connection interruptions both when tariffing with compact profiles and during network Management.",
"id": "BSI-DSZ-CC-0918-V6-2024-MA-01"
},
{
"description": ", some software adjustments and adjustment of kernel-hardening. And last but not least the boot process was improved, some further adjustments with impact on documentation and editorial changes were made.",
"id": "BSI-DSZ-CC-0918-V6-2024 (Ausstellungsdatum / Certification Date 08.02.2024, g\u00fcltig bis / valid until 07.02.2032)"
},
{
"description": "The change to the certified product is at the level of vendor\u2019s renaming.",
"id": "BSI-DSZ-CC-0918-V5-2023-MA-02"
},
{
"description": "The description of the secure delivery procedure was extended due to adding an alternative delivery procedure (cardbox delivery).",
"id": "BSI-DSZ-CC-0918-V5-2023-MA-01"
},
{
"description": "The focus of this re-evaluation was on certification obligations following BSI-K-TR-0507-2022, mobile phone signal validation without tools, adaption reaction of \u003e36h no time synchronization and some further small changes, adjustments and updates.",
"id": "BSI-DSZ-CC-0918-V5-2023 (Ausstellungsdatum / Certification Date 11.05.2023, g\u00fcltig bis / valid until 10.05.2031)"
},
{
"id": "BSI-DSZ-CC-0918-V4-2022-MA-03"
},
{
"description": "The assembly space for the Fakra socket was adapted.",
"id": "BSI-DSZ-CC-0918-V4-2022-MA-02"
},
{
"description": "The order of the configuration parameters regarding the LTE module were corrected.",
"id": "BSI-DSZ-CC-0918-V4-2022-MA-01"
},
{
"description": "Certificate",
"id": "BSI-DSZ-CC-0918-V4-2022 (Ausstellungsdatum / Certification Date 08.03.2022, g\u00fcltig bis / valid until 07.03.2030)"
},
{
"description": "Certificate",
"id": "BSI-DSZ-CC-0918-V3-2022 (Ausstellungsdatum / Certification Date 24.01.2022, g\u00fcltig bis / valid until 23.01.2030)"
},
{
"description": "), Version 1.1 was enhanced due to the new tariff use cases (TAF) 9, 10 and 14. Further optimizations and some minor bugfixing were also performed.",
"id": "BSI-DSZ-CC-0918-V2-2021 (Ausstellungsdatum / Certification Date 01.07.2021, g\u00fcltig bis / valid until 30.06.2029)"
},
{
"description": "alive values. Therefore the version number changed for the Software from v3.33.0-cc to v3.33.3-cc.",
"id": "BSI-DSZ-CC-0918-2020-MA-01"
}
],
"evaluation_facility": "T\u00dcV Informationstechnik GmbH",
"expiration_date": "2033-02-05",
"product": "CONEXA 3.0, Version 1.6",
"protection_profile": "Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, BSI-CC-PP-0073-2014",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7a_pdf.pdf?__blob=publicationFile\u0026v=2",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0918V7b_pdf.pdf?__blob=publicationFile\u0026v=2"
},
"product": "CONEXA 3.0, Version 1.6",
"subcategory": "(Smart Meter Gateway)",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartMeter_Gateway/0918.html",
"vendor": "Theben Smart Energy GmbH (vormals: Theben AG)"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0957-V2-2016"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0978-2016",
"BSI-DSZ-CC-0957-V2-2016"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Theben Smart Energy GmbH",
"manufacturer_web": "https://www.theben.de",
"name": "CONEXA 3.0, Version 1.6",
"not_valid_after": "2033-02-05",
"not_valid_before": "2025-02-06",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "0918V7c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
}
},
"FF": {
"DH": {
"Diffie-Hellman": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0918-V6-2024": 2,
"BSI-DSZ-CC-0918-V7-2025": 13
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0073-2014": 4
}
},
"cc_sar": {
"ALC": {
"ALC_CMS.4": 2,
"ALC_FLR": 3,
"ALC_FLR.2": 4
},
"AVA": {
"AVA_VAN.5": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 8,
"EAL 4 augmented": 3,
"EAL 5": 3,
"EAL 5+": 1,
"EAL 6": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"3.0 (ALC_CMS.4), Version 3.85.0-cc, Theben Smart Energy GmbH (confidential document) [11] Handbuch CONEXA 3.0 f\u00fcr Gateway Administrator, Version 2.13.3, 2024-11-25, Theben Smart": 1,
"4 Konfigurationsliste Smart Meter Gateway CONEXA 3.0, Version 1.1, Theben Smart Energy GmbH (confidential document) [10] Configuration list for the TOE SW, \u201cASSURANCE LIFE CYCLE \u2013 CONFIGURATION MANAGEMENT\u201d DER": 1,
"Report \u2013 Smart Meter Gateway CONEXA, Version 3.01.1, 2025-01- 20, Theben Smart Energy GmbH (confidential document) [21] BSI. Anforderungskatalog zur MSB-Lieferkette, in der aktuell g\u00fcltigen Fassung. URL": 1,
"Technical Report, Version 2, 2025-01-29, ETR Summary \u2013 CONEXA 1.6, T\u00dcV Informationstechnik GmbH, (confidential document) [8] Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 3
},
"TLS": {
"TLS": {
"TLS": 6,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 1
},
"KEX": {
"Key Exchange": 1
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"secp256r1": 1,
"secp384r1": 1
}
},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA-384": 1,
"SHA-512": 1,
"SHA256": 9
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 32": 1,
"AIS 34": 2,
"AIS 38": 1,
"AIS 46": 2,
"AIS 48": 2
},
"FIPS": {
"FIPS 180-4": 4,
"FIPS 197": 7
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"RFC": {
"RFC 2104": 3,
"RFC 3394": 3,
"RFC 4493": 6,
"RFC 5084": 3,
"RFC 5114": 3,
"RFC 5246": 4,
"RFC 5289": 3,
"RFC 5639": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102": 1,
"BSI TR-03109-1": 3
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025",
"/Title": "Certification Report BSI-DSZ-CC-0918-V7-2025",
"pdf_file_size_bytes": 361601,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/AIS",
"http://www.commoncriteriaportal.org/cc/",
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/",
"https://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.bsi.bund.de/zertifizierung"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 25
},
"report_filename": "0918V7a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2, AVA_VAN.5 valid until: 5 February 2033",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-0918-V7-2025",
"cert_item": "CONEXA 3.0 Version 1.6",
"cert_lab": "BSI",
"developer": "Theben Smart Energy GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014, BSI-CC-PP-0073-2014"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
}
},
"FF": {
"DH": {
"Diffie-Hellman": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0918-V6-2024": 2,
"BSI-DSZ-CC-0918-V7-2025": 13
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0073-2014": 4
}
},
"cc_sar": {
"ALC": {
"ALC_CMS.4": 2,
"ALC_FLR": 3,
"ALC_FLR.2": 4
},
"AVA": {
"AVA_VAN.5": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 8,
"EAL 4 augmented": 3,
"EAL 5": 3,
"EAL 5+": 1,
"EAL 6": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"3.0 (ALC_CMS.4), Version 3.85.0-cc, Theben Smart Energy GmbH (confidential document) [11] Handbuch CONEXA 3.0 f\u00fcr Gateway Administrator, Version 2.13.3, 2024-11-25, Theben Smart": 1,
"4 Konfigurationsliste Smart Meter Gateway CONEXA 3.0, Version 1.1, Theben Smart Energy GmbH (confidential document) [10] Configuration list for the TOE SW, \u201cASSURANCE LIFE CYCLE \u2013 CONFIGURATION MANAGEMENT\u201d DER": 1,
"Report \u2013 Smart Meter Gateway CONEXA, Version 3.01.1, 2025-01- 20, Theben Smart Energy GmbH (confidential document) [21] BSI. Anforderungskatalog zur MSB-Lieferkette, in der aktuell g\u00fcltigen Fassung. URL": 1,
"Technical Report, Version 2, 2025-01-29, ETR Summary \u2013 CONEXA 1.6, T\u00dcV Informationstechnik GmbH, (confidential document) [8] Protection Profile for the Gateway of a Smart Metering System, Version 1.3, 31 March 2014": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 3
},
"TLS": {
"TLS": {
"TLS": 6,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 1
},
"KEX": {
"Key Exchange": 1
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"secp256r1": 1,
"secp384r1": 1
}
},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA-384": 1,
"SHA-512": 1,
"SHA256": 9
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 32": 1,
"AIS 34": 2,
"AIS 38": 1,
"AIS 46": 2,
"AIS 48": 2
},
"FIPS": {
"FIPS 180-4": 4,
"FIPS 197": 7
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"RFC": {
"RFC 2104": 3,
"RFC 3394": 3,
"RFC 4493": 6,
"RFC 5084": 3,
"RFC 5114": 3,
"RFC 5246": 4,
"RFC 5289": 3,
"RFC 5639": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102": 1,
"BSI TR-03109-1": 3
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, Theben, SMGW, Smart Meter Gateway, BSI-DSZ-CC-0918-V7-2025",
"/Title": "Certification Report BSI-DSZ-CC-0918-V7-2025",
"pdf_file_size_bytes": 361601,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/AIS",
"http://www.commoncriteriaportal.org/cc/",
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/",
"https://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.bsi.bund.de/zertifizierung"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 25
},
"st_filename": "0918V7b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 5
},
"ECDSA": {
"ECDSA": 1
}
},
"FF": {
"DH": {
"Diffie-Hellman": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0918-V7-2024": 1,
"BSI-DSZ-CC-0957-V2-2016": 1
}
},
"cc_claims": {
"OE": {
"OE.SM": 4
},
"OSP": {
"OSP.SM": 5
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0073": 1,
"BSI-CC-PP-0077": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.4": 1,
"ADV_IMP.1": 1
},
"AGD": {
"AGD_OPE.1": 1
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_DEL.1": 6,
"ALC_FLR.2": 6,
"ALC_LCD.1": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_INT.1": 1,
"ASE_REQ.2": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_FUN.1": 1
},
"AVA": {
"AVA_VAN.5": 7
}
},
"cc_security_level": {
"EAL": {
"EAL 4": 5,
"EAL 4 augmented": 2,
"EAL4": 1,
"EAL4 augmented": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_ARP": 10,
"FAU_ARP.1": 1,
"FAU_GEN": 38,
"FAU_GEN.1": 22,
"FAU_GEN.2": 8,
"FAU_GEN.2.1": 1,
"FAU_SAA": 11,
"FAU_SAA.1": 4,
"FAU_SAR": 30,
"FAU_SAR.1": 7,
"FAU_STG": 32,
"FAU_STG.1": 8,
"FAU_STG.2": 15,
"FAU_STG.2.1": 1,
"FAU_STG.2.2": 1,
"FAU_STG.2.3": 1,
"FAU_STG.3": 3,
"FAU_STG.4": 3
},
"FCO": {
"FCO_NRO": 3,
"FCO_NRO.1": 1,
"FCO_NRO.2": 9,
"FCO_NRO.2.1": 1,
"FCO_NRO.2.2": 1,
"FCO_NRO.2.3": 1
},
"FCS": {
"FCS_CKM": 44,
"FCS_CKM.1": 16,
"FCS_CKM.2": 6,
"FCS_CKM.4": 32,
"FCS_CKM.4.1": 1,
"FCS_COP": 63,
"FCS_COP.1": 10,
"FCS_COP.1.1": 1
},
"FDP": {
"FDP_ACC": 2,
"FDP_ACC.1": 9,
"FDP_ACC.2": 11,
"FDP_ACC.2.1": 1,
"FDP_ACC.2.2": 1,
"FDP_ACF.1": 11,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.2": 4,
"FDP_ACF.1.3": 1,
"FDP_ACF.1.4": 3,
"FDP_IFC": 29,
"FDP_IFC.1": 12,
"FDP_IFC.2": 4,
"FDP_IFF": 25,
"FDP_IFF.1": 24,
"FDP_IFF.1.3": 1,
"FDP_ITC.1": 12,
"FDP_ITC.2": 12,
"FDP_RIP": 2,
"FDP_RIP.1": 1,
"FDP_RIP.2": 9,
"FDP_RIP.2.1": 1,
"FDP_SDI": 2,
"FDP_SDI.1": 1,
"FDP_SDI.2": 8,
"FDP_SDI.2.1": 1,
"FDP_SDI.2.2": 1
},
"FIA": {
"FIA_AFL": 3,
"FIA_AFL.1": 8,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_ATD": 3,
"FIA_ATD.1": 13,
"FIA_ATD.1.1": 1,
"FIA_UAU": 5,
"FIA_UAU.1": 2,
"FIA_UAU.2": 8,
"FIA_UAU.2.1": 1,
"FIA_UAU.5": 7,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.6": 8,
"FIA_UAU.6.1": 1,
"FIA_UID": 3,
"FIA_UID.1": 8,
"FIA_UID.2": 12,
"FIA_UID.2.1": 1,
"FIA_USB": 3,
"FIA_USB.1": 8,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_MOF": 1,
"FMT_MOF.1": 10,
"FMT_MOF.1.1": 1,
"FMT_MSA": 64,
"FMT_MSA.1": 9,
"FMT_MSA.3": 12,
"FMT_SMF": 2,
"FMT_SMF.1": 19,
"FMT_SMF.1.1": 1,
"FMT_SMR": 3,
"FMT_SMR.1": 30,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPR": {
"FPR_CON": 6,
"FPR_CON.1": 10,
"FPR_CON.1.1": 3,
"FPR_CON.1.2": 5,
"FPR_PSE": 2,
"FPR_PSE.1": 8,
"FPR_PSE.1.1": 3,
"FPR_PSE.1.2": 2,
"FPR_PSE.1.3": 2
},
"FPT": {
"FPT_FLS": 3,
"FPT_FLS.1": 10,
"FPT_FLS.1.1": 1,
"FPT_PHP": 3,
"FPT_PHP.1": 8,
"FPT_PHP.1.1": 1,
"FPT_PHP.1.2": 1,
"FPT_RPL": 3,
"FPT_RPL.1": 8,
"FPT_RPL.1.1": 1,
"FPT_RPL.1.2": 1,
"FPT_STM": 3,
"FPT_STM.1": 18,
"FPT_STM.1.1": 1,
"FPT_TST": 3,
"FPT_TST.1": 9,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1
},
"FTP": {
"FTP_ITC": 30,
"FTP_ITC.1": 9
}
},
"certification_process": {},
"cipher_mode": {
"GCM": {
"GCM": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 62,
"TLS 1.2": 5
}
}
},
"crypto_scheme": {
"MAC": {
"MAC": 9
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"NIST P-256": 3,
"NIST P-384": 3,
"P-256": 3,
"P-384": 3,
"secp256r1": 3,
"secp384r1": 3
}
},
"eval_facility": {
"TSystems": {
"T-Systems International": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 13,
"SHA-384": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"PRNG": 1
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {
"FI": {
"malfunction": 2,
"physical tampering": 4
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 3,
"FIPS 180-4": 8,
"FIPS 197": 12
},
"RFC": {
"RFC 2104": 6,
"RFC 2616": 5,
"RFC 3394": 3,
"RFC 4493": 8,
"RFC 5084": 4,
"RFC 5114": 5,
"RFC 5246": 7,
"RFC 5289": 6,
"RFC 5639": 5,
"RFC 5905": 4,
"RFC5246": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 7
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-03109": 1,
"BSI TR-03109-1": 2
}
},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 2,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 2,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 2,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 2
}
},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Theben Smart Energy GmbH",
"/Subject": "Security Target",
"/Title": "Security Target v1.97.3 - CONEXA 3.0",
"pdf_file_size_bytes": 1745578,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
"http://www.jtc1sc27.din.de/sce/sd6",
"https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Smart-metering/Smart-Meter-Gateway/MSB/MSB_node.html",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 132
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0073V2b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0918V7a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"AVA_VAN.5",
"EAL4+",
"ALC_FLR.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0918V7b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "b0b55c574edb3cee38bf1dea985490de59e8f9955483cb9e7f0bcf60070865ac",
"txt_hash": "3451ee77f5103086809869689fe9e468326d3fd4b2daaf1ff794e60877a88525"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "b0b55c574edb3cee38bf1dea985490de59e8f9955483cb9e7f0bcf60070865ac",
"txt_hash": "3451ee77f5103086809869689fe9e468326d3fd4b2daaf1ff794e60877a88525"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "1fddcfa85a3b2badb976db3009dd684548e5052ece9bec019900214ba402f98c",
"txt_hash": "4d1faaa0a8a7c975a68fea0c922a77caa9e5b7de82857924c48ce731b13c153f"
}
},
"status": "active"
}